Sensitivity analyzers are implemented in Haskell, and require cabal installation as a prerequisite. The analyser should work at least with version 188.8.131.52.
Building starts at
pleak-sql-analysis/local-sensitivity-cabal. When building for the first time, a sandbox needs to be initilaized, and the dependencies installed my means of cabal.
cabal sandbox init cabal update cabal install --only-dependencies cabal configure cabal build
is required to rebuild when files have changed. If the building starts giving error messages like
dist/build/banach/banach-tmp/XXXX.o: In function `c4IVe_info': (.text+0x40420): undefined reference to `YYYY_zdsfromList1_info'
it is sufficient to make a formal change in the file XXXX.hs (e.g. add an empty row) to force its re-build.
If dependencies or project structure have changed, then run the configuration again.
cabal install --only-dependencies cabal configure cabal build
Building starts at
pleak-sql-analysis/banach. First, repeat the building procedure using
cabal, exactly in the same way as it was done for local sensitivity part.
PostgreSQL needs to run as a background process on the local machine. The analyser should work at least with version 9.5.13.
After PostgreSQL has been installed, it is necessary to create a database named 'banach', assuming it will be used only by the sensitivity analyser. Permissions on 'banach' database need to be given to the user that runs the analyser. Here is an example of how to do it with Ubuntu system:
USERNAME@xxxx:~$ sudo -u postgres -i
Here the system prompts USERNAME's password.
postgres@xxxx:~$ psql postgres=# create user USERNAME; postgres=# create database USERNAME; postgres=# \q
Now try to log in under USERNAME:
postgres@xxxx:~$ exit logout USERNAME@xxxx:~$ psql psql (9.5.13) Type "help" for help.
Finally, create the database named 'banach'
USERNAME=# create database banach; CREATE DATABASE USERNAME=# \c banach; You are now connected to database "banach" as user USERNAME. USERNAME=# \q
All required components should now have been installed and configured.
The executable is created in the subdirectory
While both local and derivative sensitivity analysers can be used independently, we can combine their results together, so that both types of distances can be defined for the tables. To enable such analysis, go to
pleak-sql-analysis/banach and give execution permission to the file
sqlsa-quiet located there.
chmod a+x sqlsa-quiet
The derivative sensitivity analyser will now be able to call the local sensitivity analyser.
We give some example runs of the analysers.
dist/build/banach/banach -QD --db-create-tables demo_schema.sql demo_query.sql demo_attacker.att --epsilon 1.0 --beta 0.1
demo_schema.sqlcontains the database schema
demo_query.sqlcontains the query
default_attacker.att(allowed to be an empty file) is the description of constraints on attributes
T.dbcontains the table data, where the entries are delimited by whitespaces, and the first row contains corresponding attribute names
T.nrmcontains the table norm, defined using the syntax described in the quick guide.
beta are optional. The default
epsilon value is 1, so it is actually reasonable for the user to choose it depending on privacy requirements. The default
beta is chosen in such a way that it is adapted to epsilon, so it is not of great importance.
–db-create-tables reads data from
.db files and stores it to PostgreSQL database. Hence, if the data has already been uploaded once and it has not been updated, there is no need to create the tables again, and
–db-create-tables can be removed.
dist/build/banach/banach -QDp --db-create-tables demo_schema.sql demo_query.sql demo_attacker.att --policy=demo_policy.plc --epsilon 0.3
demo_policy.plccontains the attributes that the attacker tries to guess, and the corresponding precision
epsilonis no longer the differential privacy parameter, but the desired bound on guessing advantage.
dist/build/banach/banach -QDc --db-create-tables demo_schema.sql demo_query.sql demo_attacker.att --epsilon 1.0 --beta 0.1 --distance-G=1.0
–distance-Gis the default cost of row addition/deletion, overloaded by individual G values given in the table norm